Jumpsec discovered a vulnerability that could allow hackers to send malicious files to company employees using Microsoft Teams. In this respect informs portal Latest Hacking News.
Organizations using Microsoft Team tend to set default settings that open the door to attacks from external users. Also, exploiting the vulnerability does not require knowledge of complex techniques and involves changing the recipient’s identifiers in the POST request. So a hacker could send a file containing malicious code that looks like a document from a known person.
Jumpsec warns that attackers can amplify the impact of an attack by using domains and email addresses similar to those of the targeted organizations. Although Microsoft Teams tags messages from external users with a special “External” label, this may not be enough to prevent the user from clicking on a suspicious file.
Jumpsec recommends that organizations review Microsoft Teams settings and limit communication with external users to improve employee security in organizations.
Formerly socialbites.ca saidThat Russia will create devices that will protect against hackers in KasperskyOS.